6 Benefits of Upgrading to Modern Operating Systems
Recommended publications
-
Increasing Automation in the Backporting of Linux Drivers Using Coccinelle
Increasing Automation in the Backporting of Linux Drivers Using Coccinelle Luis R. Rodriguez Julia Lawall Rutgers University/SUSE Labs Sorbonne Universités/Inria/UPMC/LIP6 [email protected] [email protected] [email protected], [email protected] Abstract—Software is continually evolving, to fix bugs and to add new features. Industry users, however, often value stability, and thus may not be able to update their code base to the latest versions. This raises the need to selectively backport new features to older software versions. Traditionally, backporting has been done by cluttering the backported code with preprocessor directives, to replace behaviors that are unsupported in an earlier version by appropriate workarounds. This approach however involves writing a lot of error-prone backporting code, and results in implementations that are hard to read and maintain. We consider this issue in the context of the Linux kernel, for which older versions are in wide use. We present a new backporting strategy that relies on the use of a backporting compatibility ... a kernel upgrade. Upgrading a kernel may also require experience to understand what features to enable, disable, or tune to meet existing deployment criteria. In the worst case, some systems may rely on components that have not yet been merged into the mainline Linux kernel, potentially making it impossible to upgrade the kernel without cooperation from the component vendor or a slew of partners that need to collaborate on developing a new productized image for a system. As an example, development for 802.11n AR9003 chipset support on the mainline ath9k device driver started on March 20, 2010 with an early version of the silicon, at which point the most recent major release of the Linux kernel was v2.6.32. -
Download Date 24/09/2021 14:31:55
To Upgrade or Not To Upgrade Application Item Type Thesis Authors Francisco, Neil Download date 24/09/2021 14:31:55 Link to Item http://hdl.handle.net/20.500.12648/1799 To Upgrade or Not To Upgrade Application A Master's Thesis Project Presented to the Department of Communication and Information Design In Partial Fulfillment of the Requirements for the Master of Science Degree State University of New York Polytechnic Institute By Neil Francisco May 2021 SUNY POLYTECHNIC INSTITUTE DEPARTMENT OF INFORMATION DESIGN AND TECHNOLOGY CERTIFICATE OF APPROVAL Approved and recommended for acceptance as a thesis in partial fulfillment of the requirements for the degree of Master of Science in Information Design and Technology. June 11, 2021 DATE Dr. Kathryn Stam Thesis Advisor Dr. Ryan Lizardi Second Reader ABSTRACT New Technology consists of new hardware devices, computational workflows, digital advances, and information systems. As technology continues to evolve over the years, this never-ending cycle of new devices and experiences will always be present amongst consumers. Traditionally, new hardware devices are intriguing because they are designed to improve our access to information, media, and a connection to the digital world, but does this mean our previous-gen devices are no longer valuable? This project involves creating a prototype application designed for both computer and mobile interfaces to help improve the accessibility to information and the overall user experience with an older device. The “To Upgrade or Not To Upgrade” app will inform end-users of their older technological device specifications and suggest hardware/software methods to unlock their full potential. -
Hypervisor-Based Active Data Protection for Integrity And
The 13th Annual ADFSL Conference on Digital Forensics, Security and Law, 2018 HYPERVISOR-BASED ACTIVE DATA PROTECTION FOR INTEGRITY AND CONFIDENTIALITY OF DYNAMICALLY ALLOCATED MEMORY IN WINDOWS KERNEL Igor Korkin, PhD Security Researcher Moscow, Russia [email protected] ABSTRACT One of the main issues in the OS security is providing trusted code execution in an untrusted environment. During executing, kernel-mode drivers dynamically allocate memory to store and process their data: Windows core kernel structures, users’ private information, and sensitive data of third-party drivers. All this data can be tampered with by kernel-mode malware. Attacks on Windows-based computers can cause not just hiding a malware driver, process privilege escalation, and stealing private data but also failures of industrial CNC machines. Windows built-in security and existing approaches do not provide the integrity and confidentiality of the allocated memory of third-party drivers. The proposed hypervisor-based system (AllMemPro) protects allocated data from being modified or stolen. AllMemPro prevents access to even 1 byte of allocated data, adapts for newly allocated memory in real time, and protects the driver without its source code. AllMemPro works well on newest Windows 10 1709 x64. Keywords: hypervisor-based protection, Windows kernel, Intel, CNC security, rootkits, dynamic data protection. 1. INTRODUCTION Currently, protection of data in computer memory is becoming essential. Growing integration of ubiquitous Windows-based computers into industrial automation makes this security issue critically important. ... The vulnerable VirtualBox driver (VBoxDrv.sys) has been exploited by Turla rootkit and allows to write arbitrary values to any kernel memory (Singh, 2015; Kirda, 2015). -
Kernel Integrity Analysis
Project CS2 AAVR Kernel Integrity Analysis Major Qualifying Project Submitted to the Faculty of Worcester Polytechnic Institute in partial fulfillment of the requirements for the Degree in Bachelor of Science in Computer Science By Caleb Stepanian [email protected] Submitted On: October 27, 2015 Project Advisor: Professor Craig Shue [email protected] This report represents work of WPI undergraduate students submitted to the faculty as evidence of a degree requirement. WPI routinely publishes these reports on its web site without editorial or peer review. For more information about the projects program at WPI, see http://www.wpi.edu/Academics/Projects. Abstract Rootkits are dangerous and hard to detect. A rootkit is malware specifically designed to be stealthy and maintain control of a computer without alerting users or administrators. Existing detection mechanisms are insufficient to reliably detect rootkits, due to fundamental problems with the way they do detection. To gain control of an operating system kernel, a rootkit edits certain parts of the kernel data structures to route execution to its code or to hide files that it has placed on the file system. Each of the existing detector tools only monitors a subset of those data structures. This MQP has two major contributions. The first contribution is a Red Team analysis of WinKIM, a rootkit detection tool. The analysis shows my attempts to find flaws in WinKIM's ability to detect rootkits. WinKIM monitors a particular set of Windows data structures; I attempt to show that this set is insufficient to detect all possible rootkits. The second is the enumeration of data structures in the Windows kernel which can possibly be targeted by a rootkit. -
CGD Compute Infrastructure Upgrade Plan
CGD Compute Infrastructure Upgrade Plan 1.0 Introduction The CGD Information Systems (IS) Group (ISG) is charged with providing a modern, progressive, and stable computing environment for the CGD user community. Scientists, engineers, and support staff should be able to concentrate on their individual duties without worrying about systems administration. The current infrastructure is being redesigned and upgraded to meet this goal. Achieving this on a restricted budget requires careful planning, time for implementation, and communication between the user community and the systems staff. Services provided by infrastructure systems will be distributed to provide ease of recovery, ease of upgrade, and flexibility to meet the growing needs of the Division. Hardware will be reused where possible, and eliminated if beyond reasonable use. Automation of services (software builds, user addition/deletion, etc) will be key to managing the growing demands. 2.0 Future CGD Computing Trends Written surveys from 2001 and meetings with each of the sections have revealed a wide variety of needs, desires, and deficiencies. Each section has a unique set of needs that often do not complement other sections. The one common factor among all sections is that more of everything will be needed to meet the common CGD goals: · More disk space for project data, home directories, and e-mail. · More Linux support to take advantage of the price/performance x86 hardware offers. · More computational processing power for modeling development. · More Microsoft products to support presentation/documentation efforts. · More laptops (MS and Linux) for travel and home use. 3.0 General Problems Computers have a useful life span that averages three years. -
The Ultimate Guide to Software Updates on Embedded Linux Devices
The ultimate guide to software updates on embedded Linux devices foss-north 2018 Mirza Krak Session Overview ● Intro ● Basics ● FOSS ecosystem ○ Strategy ○ Key Features ○ Community Mirza Krak ● FOSS enthusiast ● Board Support Package development ● Linux kernel developer ● Yocto/OE-core ● Disclaimer: Mender community member Embedded Linux Devices @internetofshit Embedded Linux environment ● Remote in some cases ○ No physical access to devices ● Long life span ○ 5-10 years ● Unreliable power supply ○ Power loss at any given time ● Unreliable network ○ Mobile ○ Low bandwidth Why do we need update software? ● Fixing issues (bugs) ● Feature growth ● Security updates Software update on-site ● No connectivity ● Easy access to a device ● USB Flash drive ● Technician Software updates (OTA) ● No easy access to device ● Deployment management server ○ status reports ○ current versions What do we need to update? U-boot Linux + DTB Root file-system (distro) Root file-system (apps) MCU/FPGA Requirements (basic) ● Able to update all components ○ Unsafe to update bootloader ● Never render the device unusable (brick) ○ Fail-safe ● Atomic updates ○ No partial install ● Roll-back ○ Not always possible ● Integrity check ● Signed images ○ Trusted images ● Compatibility check ● Persistent data storage Requirements (basic OTA) ● Secure communication channel ○ Encrypted ● Device Authentication (trust) Alternative approaches ● Image/block based updates ○ Easy to implement, test, verify and maintain ● Incremental atomic image upgrade mechanism -
Consumer Response to Versioning: How Brands Production Methods Affect Perceptions of Unfairness
Consumer Response to Versioning: How Brands’ Production Methods Affect Perceptions of Unfairness ANDREW D. GERSHOFF RAN KIVETZ ANAT KEINAN Marketers often extend product lines by offering limited-capability models that are created by removing or degrading features in existing models. This production method, called versioning, has been lauded because of its ability to increase both consumer and firm welfare. According to rational utility models, consumers weigh benefits relative to their costs in evaluating a product. So the production method should not be relevant. Anecdotal evidence suggests otherwise. Six studies show how the production method of versioning may be perceived as unfair and unethical and lead to decreased purchase intentions for the brand. Building on prior work in fairness, the studies show that this effect is driven by violations of norms and the perceived similarity between the inferior, degraded version of a product and the full-featured model offered by the brand. The idea of Apple gratuitously removing features that would have been actually easier to leave in is downright perplexing. The intentional software crippling stance they have taken with the iPod Touch is disturbing at best. (Readers’ responses to iPod Touch review on www.engadget.com) ... been recommended by economists as a production method that benefits both firms and consumers (Deneckere and McAfee 1996; Hahn 2006; Varian 2000). Firms benefit by reducing design and production costs and by increasing profits through price discrimination when multiple configurations of a product are offered. Consumers benefit because versioning results in lower prices and makes it possible for many to gain access to products that they might otherwise not be able to afford (Shapiro and Varian 1998; Varian 2000). -
Oracle Unbreakable Linux: an Overview
Oracle Unbreakable Linux: An Overview An Oracle White Paper September 2010 Oracle Unbreakable Linux: An Overview INTRODUCTION Oracle Unbreakable Linux is a support program that provides enterprises with industry-leading global support for the Linux operating system at significantly lower costs. The support program, which is available for any customer whether or not they’re running Oracle Unbreakable Linux currently includes support for three architectures: x86; x86-64 (e.g. the latest Intel Xeon and AMD Opteron chips, as used by most Linux customers); and Linux Itanium (ia64). The program offers support for any existing Red Hat Enterprise Linux installations and for new installations of Oracle Linux, an open source Linux operating system that is fully compatible— both source and binary—with Red Hat Enterprise Linux. Complete Support for the Complete Software Stack Oracle’s industry-leading support organization offers expertise that looks at the entire application stack running on top of Linux; only Oracle delivers complete support for the complete software stack—database, middleware, applications, management tools, and the operating system itself. By delivering enterprise-class quality support for Linux, Oracle addresses a key enterprise requirement from customers. When problems occur in a large, complex enterprise environment, it’s often impossible to reproduce such occurrences with very simple test cases. Customers need a support vendor who understands their full environment, and has the expertise to diagnose and resolve the problem by drawing from their knowledge of and familiarity with their framework, as opposed to requesting a simple reproducible test case. Another customer demand is for bug fixes to happen in a timely manner, as customers cannot always afford to wait for months to get a fix delivered to them. -
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms Ralf Hund Thorsten Holz Felix C. Freiling Laboratory for Dependable Distributed Systems University of Mannheim, Germany [email protected], fholz,[email protected] Abstract Protecting the kernel of an operating system against attacks, especially injection of malicious code, is an important factor for implementing secure operating systems. Several kernel integrity protection mechanisms were proposed recently that all have a particular shortcoming: They cannot protect against attacks in which the attacker re-uses existing code within the kernel to perform malicious computations. In this paper, we present the design and implementation of a system that fully automates the process of constructing instruction sequences that can be used by an attacker for malicious computations. We evaluate the system on different commodity operating systems and show the portability and universality of our approach. Finally, we describe the implementation of a ... In recent years, several mechanisms to protect the integrity of the kernel were introduced [6, 9, 15, 19, 22], as we now explain. The main idea behind all of these approaches is that the memory of the kernel should be protected against unauthorized injection of code, such as rootkits. Note that we focus in this work on kernel integrity protection mechanisms and not on control-flow integrity [1, 7, 14, 18] or data-flow integrity [5] mechanisms, which are orthogonal to the techniques we describe in the following. 1.1 Kernel Integrity Protection Mechanisms Kernel Module Signing. Kernel module signing is a simple approach to achieve kernel code integrity. -
Installing Windows 2016/2019 Drivers
Installing Windows 2016/2019 Drivers • Prerequisite for Installing Windows 2016/2019 Drivers • Installing Windows 2016/2019 Drivers During OS Install • Updating Windows 2016/2019 Drivers Prerequisite for Installing Windows 2016/2019 Drivers Ensure that you adhere to the following best practice for installing the Windows drivers. You must upgrade the infrastructure in the following order before upgrading the drivers. • Upgrade the infrastructure firmware which includes the UCS Manager, the fabric interconnects, and the chassis I/O modules. • Upgrade the server and adapter firmware. Caution Failure to adhere to the proper upgrade sequence can cause the server to crash. Caution The driver installation file modifies certain registry entries, such as the disk timeout value of the system disk driver. Removing the driver does not restore these values. Note Before installing the drivers, the interrupt count should be set to greater than or equal to (2*logical processors + 4) for VIC 14XX adapters. The interrupt value can be rounded up to the nearest second power. For more information on how to set the interrupt field for Ethernet adapter policies in the UCS Manager GUI, refer to the UCSM Network Management Guide. Installing Windows 2016/2019 Drivers During OS Install If you are installing Windows on a FC or iSCSI LUN, you must install Cisco VIC drivers for Windows during the OS installation. If you do not provide the drivers during the OS installation, the system is not able to detect the LUN. -
Integrity Checking of Function Pointers in Kernel Pools Via Virtual Machine Introspection
Integrity Checking of Function Pointers in Kernel Pools via Virtual Machine Introspection Irfan Ahmed, Golden G. Richard III, Aleksandar Zoranic, Vassil Roussev Department of Computer Science, University of New Orleans Lakefront Campus, New Orleans, LA 70148, United States [email protected], [email protected], [email protected], [email protected] Abstract. With the introduction of kernel integrity checking mechanisms in modern operating systems, such as PatchGuard on Windows OS, malware developers can no longer easily install stealthy hooks in kernel code and well-known data structures. Instead, they must target other areas of the kernel, such as the heap, which stores a large number of function pointers that are potentially prone to malicious exploits. These areas of kernel memory are currently not monitored by kernel integrity checkers. We present a novel approach to monitoring the integrity of Windows kernel pools, based entirely on virtual machine introspection, called HookLocator. Unlike prior efforts to maintain kernel integrity, our implementation runs entirely outside the monitored system, which makes it inherently more difficult to detect and subvert. Our system also scales easily to protect multiple virtualized targets. Unlike other kernel integrity checking mechanisms, HookLocator does not require the source code of the operating system, complex reverse engineering efforts, or the debugging map files. Our empirical analysis of kernel heap behavior shows that integrity monitoring needs to focus only on a small fraction of it to be effective; this allows our prototype to provide effective real-time monitoring of the protected system. Keywords: virtual machine introspection; malware; operating systems. -
Microsoft Security Intelligence Report
Microsoft Security Intelligence Report Volume 11 An in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in the first half of 2011 Microsoft Security Intelligence Report This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. Copyright © 2011 Microsoft Corporation. All rights reserved. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. ii Authors Joe Faulhaber John Lambert Dave Probert Hemanth Srinivasan Microsoft Malware Protection Microsoft Security Microsoft Security Microsoft Malware Protection Center Engineering Center Engineering Center Center David Felstead Marc Lauricella Tim Rains Holly Stewart Bing Microsoft Trustworthy Microsoft Trustworthy Microsoft Malware Protection Computing Computing Center Paul Henry Wadeware LLC Aaron Margosis Mark E. Russinovich Matt Thomlinson Microsoft Public Sector Microsoft Technical Fellow Microsoft Security Response Jeff Jones Services Center Microsoft Trustworthy Weijuan Shi Computing Michelle Meyer Windows Business Group Jeff Williams Microsoft Trustworthy Microsoft Malware Protection Ellen Cram Kowalczyk Computing Adam Shostack Center Microsoft Trustworthy Microsoft Trustworthy